This week's articles
Escalating from Logic App Contributor to Root Owner in Azure
Having Contributor access to an Azure Resource Manager (ARM) API Connection would allow you to create arbitrary role assignments as the connected user. This was supposed to be limited to actions at the Resource Group level, but an attacker could escape to the Subscription or Root level with a path traversal payload.
Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities
#attack, #gcp, #kubernetes
Users able to create a pod could have abused these to (1) escape their pod and compromise the underlying node, (2) escalate privileges and become full cluster administrators, and (3) covertly persist administrative access through backdoors that are completely invisible to cluster operators.
HCP Packer Is Now Generally Available
#announcement, #build, #ci/cd, #terraform
HCP Packer provides automation, collaboration, and security for managing images across multiple clouds. It includes image security and compliance workflows with Terraform Cloud.
Google Announces Intent to Acquire Mandiant
From the statement: "As a recognized leader in strategic security advisory and incident response services, Mandiant brings real-time and in-depth threat intelligence gained on the frontlines of cybersecurity with the largest organizations in the world."